security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
81d84a4e268576ee797fa03dd0d63eafce48415a
atomic-red-team/Linux/README.md
T
caseysmithrc fdde68b5e7 Merge pull request #104 from ForensicITGuy/linux-root-ca 
Added test to generate and trust root CA on Linux. Updated README.
2018-03-14 21:47:32 -06:00

8.1 KiB
Raw Blame History

MITRE ATT&CK Matrix - Linux

Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Execution Collection Exfiltration Command and Control
.bash_profile and .bashrc Exploitation of Vulnerability Binary Padding Bash History Account Discovery Application Deployment Software Command-Line Interface Audio Capture Automated Exfiltration Commonly Used Port
Bootkit Setuid and Setgid Clear Command History Brute Force File and Directory Discovery Exploitation of Vulnerability Graphical User Interface Automated Collection Data Compressed Communication Through Removable Media
Browser Extensions Sudo Disabling Security Tools Create Account Network Service Scanning Remote File Copy Scripting Browser Extensions Data Encrypted Connection Proxy
Cron Job Valid Accounts Exploitation of Vulnerability Credentials in Files Permission Groups Discovery Remote Services Source Clipboard Data Data Transfer Size Limits Custom Command and Control Protocol
Hidden Files and Directories Web Shell File Deletion Exploitation of Vulnerability Process Discovery Third-party Software Space after Filename Data Staged Exfiltration Over Alternative Protocol Custom Cryptographic Protocol
Rc.common HISTCONTROL Input Capture Remote System Discovery Third-party Software Data from Local System Exfiltration Over Command and Control Channel Data Encoding
Redundant Access Hidden Files and Directories Network Sniffing System Information Discovery Trap Data from Network Shared Drive Exfiltration Over Other Network Medium Data Obfuscation
Trap Indicator Removal from Tools Private Keys System Network Configuration Discovery Data from Removable Media Exfiltration Over Physical Medium Fallback Channels
Valid Accounts Indicator Removal on Host Two-Factor Authentication Interception System Network Connections Discovery Input Capture Scheduled Transfer Multi-Stage Channels
Web Shell Install Root Certificate System Owner/User Discovery Screen Capture Multiband Communication
Masquerading Multilayer Encryption
Redundant Access
Rootkits Remote File Copy
Scripting Standard Application Layer Protocol
Space after Filename Standard Cryptographic Protocol
Timestomp Standard Non-Application Layer Protocol
Valid Accounts Uncommonly Used Port
Web Service
Reference in New Issue View Git Blame Copy Permalink